This paper studies the collection of operation record, operation log and alarm information of information system, and puts forward a unified log collection system for pan-government industry safety operation management platform. The flow processing architecture based on message queue is adopted to realize the decoupling of log collection, log processing and log reporting. Standardized interfaces and plug-ins are used to collect heterogeneous log information and data. The traffic peak clipping technology of message queue is adopted to ensure the safety and reliability of log transmission. According to the characteristics of log traffic, a design mode supporting dynamic adjustment of consumption group is proposed to meet the high performance requirements of the system. The whole system is composed of log collection, data reporting, data management, system management, policy management, Agent management, log source management module and log collection subsystem, which can meet the centralized analysis, security threat perception and intelligent analysis of various security data.